Domain 4: Communicatins and Network Security

Question 1

Simplex
Half-Duplex
Full Duplex

Answer 1

Simplex: One way, like a car radio

Half-Duplex: sends or receives one at a time

Full Duplex: sends and receives simultaneously

Question 2

Baseband

Broadband

Answer 2

Baseband

• One channel. Can only receive one signal at a time.
• Ethernet networks

Broadband

• Multiple channels
• Can send and receive multiple signals
• Cable TV

Question 3

PAN

GAN

Answer 3

PAN: Personal Area Network:

• Low power wireless technologies
• Bluetooth

GAN: Global Area Networks
-A collection of WANs

Question 4

Packet Switched Network

Answer 4

• Data is broken into packets and each sent individually
• Chooses the best route/different route
• Reassembled by receiving node
• Missing packets can be resubmitted
• Out of order packets can be re-sequenced
• Makes unused bandwidth available for other connections

Question 5

OSI Model Layers - Functions

Answer 5

7. Application - Network process to applications
8. Presentation - Data Representation
9. Session - Interhost Communication
10. Transport - End-to-End Connections
11. Network - Address and Best Path
12. Data Link - Access to Media
13. Physical - Binary transmission

Question 6

OSI Model Benefits

Answer 6

• Reduces complexity
• Standardizes interfaces
• Facilitates modular interfaces
• Ensures interoperability
• Accelerates evolution
• Simplifies teaching and learning

Question 7

Layer 1: Physical Layer

Answer 7

• Describes units of data as bits represented by energy.
• Cabling
• Devices- hubs and repeaters

Question 8

OSI Model Layers - Packages

Answer 8

7. Application - protocol data units
8. Presentation - protocol data units
9. Session - protocol data units
10. Transport - segment (TCP)/Datagram (UDP)
11. Network - packets
12. Data Link - frames
13. Physical - bits

Question 9

Layer 2: Data Link

Answer 9

-Handles access to the physical layer as well as local area network communications
-Divided into two sub-layers
>Media Access Control (MAC) - transfers to and from the the physical layer - touches layer 1
>Logical Link Control (LLC) - handles LAN Communications - Touches Layer 3

Question 10

Layer 3: Network

Answer 10

• Describes routing: moving data from a system on one LAN to a system on another
• Provides connectivity and path selection between two end systems
• Routing
• IP Addresses and router
• IPv4 IPv6
• Also called logical address

Question 11

Layer 4: Transport

Answer 11

• Handles packet sequencing, flow control and error detection
• Concerned with transportation issues between hosts
• Data transport reliability
• Establish, maintains and terminate virtual circuits
• Fault detection and recovery
• Information flow control
• TCP Protocol

Question 12

Layer 5: Session

Answer 12

• Connections between applications
• Manages sessions
• provides maintenance on connections
• Remote call procedures (RPC)
• Simplex, half, full duplex communications

Question 13

Layer 6: Presentation

Answer 13

• Presents data to the application and user in a comprehensible way
• Insures data is readable by receiving system
• Format of the data
• Negotiates data transfer syntax for application layer
• Concepts include data conversion
• JPEG, GIF, HTML

Question 14

Layer 7: Application

Answer 14

-Where users interface with computer application
-Web browser, work processor, IM app
-Provides network services to application process such as email, file transfer
Protocol Telnet, FTP

Question 15

TCP/IP Model

Answer 15

• Application Layer
• Transport Layer (Host To Host)
• Internet Layer
• Network Access
• created by US Defense Advanced Research Projects Agency in 1970s
• Suite of protocols including UDP, ICMP Layer 4
• IP Layer 3

Question 16

TCP/IP Model OSI Model

Answer 16

TCP/ IP vs. OSI
Application Layer = Application Layer
Presentation Layer
Session Layer

Transport (Host To Host) Layer = Transport Layer

Internet Layer = Network Layer

Network Access = Data Link Layer
Physical Layer

Question 17

TCP - Transmission Control Protocols

Answer 17

• Connection-oriented protocol
• supports dialogues between source and destination
• packages information into segments
• provides reliable full-duplex
• supports flow control
• retransmission

Question 18

UDP - User Datagram Protocol

Answer 18

• connectionless protocols
• packages information into datagrams
• does not provide flow control
• error processing and retransmission must be handled by other protocols
• unrealiable

Question 19

Encapsulation

Answer 19

• Takes information from a higher layer and adds a header to it.
• The higher layer sees information as data

Question 20

MAC Addresses

Answer 20

-48 bits long
.first 24 form the Organizationally unique identifier
.last 24 form serial number (extension identifier)

-IEEE created the EUI-64 for 64 bit MAC addresses

Question 21

IP V4

Answer 21

• 32-bit address field allows 2(32) or nearly 4.3 billion addresses
• IP header field is 20 bytes long
• Designed in the 1970s to support packet-switched network
• Requires a “helper protocol” called ICMP
• IP in connectionless and unreliable. Provided best effort
• Connection and reliability has to be provided by protocol carrier like TCP

Question 22

IPv4 IP Fragmentation

Answer 22

-Maximum Transmission Unit (MTU): maximum PDU size of a network

• Fragmentation breaks a large packet into multiple smaller packets
• Typical MTU size for an IP packet is 1500 bytes

Question 23

IPv6

Answer 23

• Larger address space (128-bit address compared to IPv4’s 32 bits)
• 2(128)
• 340 sextillion addresses
• IPv6 header is 40 bytes vs. 20 bytes of IPv4

Question 24

IP v6 Address and Configuration

Answer 24

• Can stateless configure a unique address. No need for static addressing or DHCP
• Stateless takes the host;s MAC and uses it to configure IP
• DHCP be used with IPv6. Called “Stateful Autoconfiguration”

Question 25

IPv4 IP address Ranges

Answer 25

Class A: 0-126
Class B: 128-191
Class C: 192-223
Class D: 224-239
Class E: 240-255

Question 26

RFC 1918 Addressing

Answer 26

Three blocks of IP addresses are set aside

• 10.0 - 10.225
• 127 - Loopback
• 172.16 - 172-31
• 192.168

Question 27

ARP RARP

Answer 27

Address Resolution Protocol (ARP)
.Used to translate between layer 2 MAC address and Layer 3 IP address
.Asks who has IP address …

RARP
.Used in diskless workstations
.Node asks:”Who had MAC address at 00:48:

Question 28

TCP

Answer 28

.Reliable Layer 4 protocol
.Uses 3 way handshake (SYN, SYN-ACK,SYN back)
can reorder segments that arrive out of order
.Header 20 bites long

Question 29

Socket Pair

Answer 29

.Combination of an IP address and a TCP-UDO port on one node

Question 30

TCP Flags

Answer 30

URG: Packets contains urgent data
ACK: Acknowledge received data
PSH: Push data to application layer
RST: Reset (tear down) a connection
SYN: Synchronize a connection
FIN: Finish a connection (gracefully)
CWR: Congestion Window Reduced
ECE: Explicit Congestion Notification Echo)

Question 31

TCP Handshake

Answer 31

1. The client chooses the initial sequence number, set in the first SYN packet
2. The server also chooses its own initial sequence number, set in the SYN/ACK packet
3. Each side acknowledges the other’s sequence number by incrementing it. This is the acknowledgement number.
4. Once the connection is established, ACK, typically each segment.

Question 32

DNS - Domain Name Service

Answer 32

• A distributed global hierarchical database that translates names to IP addresses and vice versa
• Uses both TCP and UDP

DNS Security Extension DNCSEC
-provided authentication and integrity to DNS response via the use of public key encryption

Question 33

Ethernet (CSMA/CD CSMA/CA)

Answer 33

Carrier Sense Multiple Access
- Collision Detection
.Monitor network to see if idle before transmit
.Used in wired ethernet

• Collision Avoidance (CA)
  . used for systems such as 802.11 wireless that cannot send and receive simultaneously
  . relies on acknowledgement from the receiving station.

Question 34

Private IP Address Ranges

Answer 34

• 10.0.0.0–10.255.255.255 (a full Class A range)
• 172.16.0.0–172.31.255.255 (16 Class B ranges)
• 192.168.0.0–192.168.255.255 (256 Class C ranges)

Question 35

Routing Protocols - Interior

Answer 35

Distance Vector: maintain list of destination networks along with metrics
. RIP- Routing Information Protocol
. IGRP- Interior Gateway Routing Protocol
. EIGRP

Link State: Gather router characteristics, like latency
.OSPF
.ISISI

Question 36

Routing Protocols - Exterior

Answer 36

Path vector routing protocol” make next hop decisions based on the entire remaining path to the destination
.BGP- Border Gateway Protocol

Question 37

Spread Spectrum

Answer 37

Spread spectrum means that communication occurs over multiple frequencies. Thus, a message is broken into pieces, and each piece is sent at the same time but using a different frequency. Effectively this is a parallel communication rather than a serial communication.

Question 38

Firewall Types

Answer 38

.Static Packet-Filtering Firewalls: filters traffic by examining data from a message header

.Application-Level Firewall: filters traffic based in a single internet service, protocol, or application

.Circuit-Level Firewalls: used to establish connections between trusted partners (Layer 5 -Session Layer)

.Stateful Inspection Firewall: evaluate the state, session, context of network traffic. (Layer 3, Network Layer)

.Next-Generation Firewall:  MFD UTM, composed of several security features,
>application filtering
>deep packet inspection
.TLS offloading
.content filter
IPD,PDS

.Internal Segmentation Firewall: deployed between internal network segments.

Question 39

Proxies

Answer 39

Proxy server are a variation of an Application-level firewall or circuit-level firewall.
.used to mediate between clients and servers.

> Forward proxy is a standard or common proxy that acts as an intermediary for queries of external resources. A forward proxy handles queries from internal clients when accessing outside services.

> Reverse proxy provides the opposite function of a forward proxy; it handles inbound requests from external systems to internally located services. A reverse proxy is similar to the functions of port forwarding and static NAT

Question 40

Endpoint detection and response (EDR)

Answer 40

.Focuses on both endpoint device as well as network communication.

.EDR is an evolution of traditional anti-malware products, IDS, and firewall solutions. EDR seeks to detect, record, evaluate, and respond to suspicious activities and events, which may be caused by problematic software or by valid and invalid users.

Question 41

IEEE 802.1X

Answer 41

.Defines the use of encapsulated EAP to support a wide range of authentication options for LAN connections.

.The IEEE 802.1X standard is formally named “Port-Based Network Access Control

Question 42

Tunneling

Answer 42

.Network communications process that protects the contents of protocol packets by encapsulating them in packets of another protocol.

Split tunnel: VPN configuration that allows a VPN-connected client system (i.e., remote node) to access both the organizational network over the VPN and the internet directly at the same time.

Full tunnel: VPN configuration in which all of the client’s traffic is sent to the organizational network over the VPN link, and then any internet-destined traffic is routed out of the organizational network’s proxy or firewall interface to the internet